Active Real-Time Content Inspection

The cybercrime landscape has changed. Until a few years ago, enterprises experienced static attacks. Malicious code was mainly served from small and unknown websites and it was also fairly easy to signature and to block it with an Anti-Virus solution. However, cybercriminals changed their attacks and made their malicious code dynamic and obfuscated; serving it from legitimate compromised websites and Web 2.0 sites. These dynamic attacks heighten the infection ratio and minimize the chance of detection by Anti-Virus or URL filtering solutions and reputation-based services.

Cybercriminals are embedding their dynamically obfuscated malicious code not only on webpages but also in rich-content file types such as PDF and Flash that are all over the Web. These techniques set a new challenge for security solutions and organizations to detect and block malware in real time; before the malware can enter the corporate network.

Active web security technologies, such as Finjan’s active real-time code inspection, were introduced to combat such new dynamic and obfuscated attacks.

Differentiated by its industry-recognized patented active real-time content inspection technology, Finjan’s unified Web security solutions inspect inbound and outbound communication, regardless of its originating URL and without signature-matching. They prevent data-stealing malware from infiltrating networks and laptops. The behavior-profile of active content is built in real time and compared to the security policy.

Finjan’s unique technology scans each and every piece of incoming and outgoing Web content in HTTP/HTTPS/FTP to detect and block Crimeware, malware, Trojans, targeted attacks and other malicious web content before they are able to penetrate corporate networks, even when hiding in SSL traffic. Inspected content remains encrypted when entering and exiting the appliance, ensuring that unencrypted traffic doesn’t leave the appliance to avoid eavesdropping.

As cybercriminals are using rich content types for distributing their malware on Web2.0 and high profile compromised websites, Finjan’s Acrobat Flash and PDF content inspection features enable the detection and prevention of active content embedded in rich content types in real time.

Active Real-Time Content Inspection - How It Works

Benefits

• Provides enterprises with a unified web security solution combining multi-layered security with productivity, liability and bandwidth control
• Detects and blocks Crimeware and Web 2.0 attacks by inspecting inbound and outbound communications in real time, regardless of its originating URL and without signature-matching
• Enables HTTPS/SSL content inspection to detect and block Crimeware and malware hiding in SSL traffic
• Enables Acrobat Flash and PDF content inspection of active content embedded in rich content types
• Inspected content remains encrypted when entering and exiting the appliance
• Powerful logging and reporting provides a flexible and scalable data analysis platform for internal use, audits, and compliance requirements
• Assistance in complying with regulations such as SOX (COBIT) DS5, HIPAA, GLB Act, PCI DSS 1.2., and FISMA.